mcp-builder
Pass
Audited by Gen Agent Trust Hub on Feb 22, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS] (LOW): The skill instructs the agent to fetch documentation from
https://modelcontextprotocol.ioandhttps://raw.githubusercontent.com/modelcontextprotocol/.... These domains are authoritative for the protocol but are not included in the 'Trusted External Sources' whitelist. - [PROMPT_INJECTION] (LOW): Indirect Prompt Injection surface identified. The skill designed to ingest and process external documentation creates an attack surface where malicious content in those sources could influence agent behavior. 1. Ingestion points: Documentation URLs in SKILL.md Phase 1. 2. Boundary markers: Absent; no explicit delimiters or instructions to ignore embedded commands are present. 3. Capability inventory: Recommended use of
npm,npx, andpythontools for building and testing servers. 4. Sanitization: Absent; external documentation is used directly to inform code generation.
Audit Metadata